Get a Pentest and security assessment of your IT network.

Cyber Security

RCE ‘Bug’ Found and Disputed in Popular PHP Scripting Framework

Versions of popular developer tool Zend Framework and its successor Laminas Project can be abused by an attacker to execute remote code on PHP-based websites. Bug was publicly disclosed Monday by cybersecurity researcher Ling Yizhou, who also published two proof-of-concept attack scenarios. The bug, tracked as CVE-2021-3007, does not have a severity rating listed with MITRE. The maintainers of Zend are contesting whether or not the vulnerability classification is correct.

Source: https://threatpost.com/rce-bug-php-scripting-framework/162773/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation